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IN THE CLAIMS 

1 . (Previously Presented) A device, comprising: 

a removable digital memory including a port at which digital information stored on 
said removable digital memory can be accessed; 

a memory for storing first conditional access data and at least one content 
encryption key; 

a second port for receiving user certificate data and a first key of a key pair 
contained in a write once memory of an access card that has been paired with a 
destination device; and 

a processor responsive to the user certificate data received on said second port 
for authenticating the received certificate data based on the first conditional access data 
stored in said memory, the processor, upon said authentication, encrypting information 
stored in said removable digital memory using the at least one content encryption key, to 
thereby provide encrypted information in said removable digital memory, the processor 
operable for encrypting said content encryption key using said first key received on said 
second port and outputting said encrypted content encryption key to enable access of 
said encrypted information stored on said removable digital memory by an external 
device. 

2. (Original) A device according to claim 1, further comprising means for establishing 
that said access card is not expired. 
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3. (Original) A device according to claim 2, wherein said means for establishing that 
said access card is not expired is performed by comparing the current time with a 
timestamp in said received user certificate data. 

4. (Original) A device according to claim 1 , wherein said first key is a public key of a 
public/private key pair. 

5. (Original) A device according to claim 1 , wherein said access card is inserted into 
a slot of said device. 

6. (Previously Presented) An access card for enabling secure accessing of digital 
information stored on a removable memory, the access card comprising: 

a memory having stored therein a first conditional access certificate and a second 
conditional access certificate; 
a write once memory; 

means for authenticating first and second conditional access certificates with 
respective first and second certificate data stored on respective destination and source 
devices; 

said write once memory, following authentication of said card with a destination 
device, being updated to store a public key of a public/private key pair stored in said 
destination device to thereby pair the access card with said destination device; and 

a processor operable for, upon authentication of said card with a source device, 
controlling transmission of said public key to said source device, wherein, in response 
thereto, said memory being updated to store encrypted data comprising a first key 



-3- 



Customer No. 24498 PATENT 
Attorney Docket No. PU030342 
Office Action Date: 6/22/10 

encrypted using said public key, said first key also being used to encrypt information on 
said removable memory at said source device, whereby communication of said 
encrypted data to said destination device enables decryption of said data using said 
private key to recover said first key, to thereby decrypt encrypted information in said 
removable memory. 

7. (Original) An access card according to claim 6, further comprising an electronic 
time stamp. 

8. (Previously Presented) A digital information destination device comprising: 
a digital information input port; 

a digital information decoder coupled to said digital information input port for 
decoding digital information encoded with a content encoding key, when said content 
encoding key is available, to thereby produce unencoded digital information; 

memory preloaded with at least a second stored User Certificate and mutually 
corresponding private and public encryption keys associated with said destination 
device; 

a content encoding key decryptor for decrypting said content encoding key with a 
content encoding key encryption key; 

an access card reader for reading an access card, where said access card 
includes authentication means and a write once memory which, prior to a first insertion 
in said destination device, includes at least a second Conditional Access Certificate and 
a first User Certificate and which, after said first insertion, includes at least said public 
portion of said private and public encryption keys thereby pairing the access card and 
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the destination device and which, prior to a subsequent insertion in said destination 
device, is inserted into a source device and updated to include a content encoding key 
encrypted with said key encryption key, whereby said destination device, following said 
subsequent insertion of said access card, has the key encryption key and can decrypt 
said content encoding key and, using said content encoding key, decode said digital 
information encoded with said content encoding key. 

9. (Previously Presented) A method for securely transferring information from a 
source device to an external device, the source device having a removable digital 
memory containing information accessible to the source device, the information 
contained in said digital memory intended to be protected from unauthorized access, the 
method comprising: 

receiving at the source device user certificate data from an access device that 
has been paired with a destination device and comparing the user certificate data with a 
first Conditional Access Certificate stored in memory of said source device for 
authenticating the certificate data; 

accessing, by said source device, said information stored in said removable 
digital memory and encrypting said information stored in said removable digital memory 
using at least one content encryption key stored in said source device, upon 
authentication of said certificate data; 

receiving at the source device a public key from a write once memory of the 
access device and encrypting said at least one content encryption key using said public 
key; and 
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transmitting said encrypted content encryption key to enable access of said 
encrypted information stored on said removable digital memory by an external device 
communicable with said access device. 



10. (Previously Presented) A method for securely porting digital information from a 
source device to a destination device comprising: 

providing a source device having a removable digital memory and including a first 
Conditional Access Certificate; 

providing a destination device having a second stored User Certificate and also 
including mutually corresponding private and public encryption keys associated with said 
destination device; 

providing an access card capable of use with both said source device and said 
destination device, said access card including a second Conditional Access Certificate 
and a first User Certificate stored therein; 

placing said access card in said access card port of said destination device a first 

time; 

after said placing of said access card in said destination device a first time, 
accessing said second User Certificate from said destination device, and, within said 
access card, authenticating said second User Certificate from said destination device 
with said second Conditional Access Certificate to determine if said public encryption 
key should be read from said destination device and stored in said access card; 

if said public encryption key of said destination device should be written to said 
access card, writing said public encryption key from said destination device to said 
access card; 
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removing said access card from said destination device after said writing of said 
public encryption key; 

inserting said access card into said source device, and authenticating said first 
User Certificate with said first Conditional Access Certificate to determine if said access 
card is valid; 

if said access card is deemed to be valid by said source device, copying said 
public encryption key from said access card to said source device; 

at said source device, encrypting at least some of said digital information in said 
digital memory using at least one content encryption key to produce encrypted 
information, using said public encryption key from said destination device to encrypt said 
content encryption key to thereby generate at least one encrypted content encryption 
key, and storing said at least one encrypted content encryption key in said access card; 

connecting said port of said digital memory to said digital information port of said 
destination device; 

placing said access card in said access card port of said destination device a 
second time; 

after said step of placing said access card in said access card port of said 
destination device a second time, copying said at least one encrypted content encryption 
key from said access card to said destination device, and decrypting said encrypted 
content encryption key using the private key; and 

at said destination device, receiving said encrypted information from said digital 
memory, and using said content encryption key to decrypt said encrypted information. 
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11. (Original) A method according to claim 10, further comprising the step of 
establishing that said access card is not expired. 

12. (Original) A method according to claim 11, wherein said step of establishing that 
said access card is not expired is performed by comparing the current time with a 
timestamp in said User Certificate. 

13. (Previously Presented) An access card, said access card comprising: 

a memory having at various times at least first, second, and third states; 
authenticating means; 

said memory comprising, in said first state, a second Conditional Access 
Certificate-and a first User Certificate stored therein; 

said memory, in said second state, following a first insertion of said card and first 
authentication, where said first insertion of said card is into an access card port of a 
digital information destination device including a digital information port which is capable 
of receiving said digital information, a second stored User Certificate and mutually 
corresponding private and public encryption keys associated with said destination 
device, and said first authentication is performed by said authenticating means 
authenticating said second User Certificate from said destination device with said 
second Conditional Access Certificate, comprising said public encryption key from said 
destination device; 

said memory, in said third state, following a second insertion of said card and 
second authentication, where said second insertion of said card is into an access card 
port of a digital information source device including a removable digital memory 
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containing digital information and a further memory containing a first Conditional Access 
Certificate and at least one content encryption key, and also following authentication of 
said first User Certificate stored in said memory of said access card with said first 
Conditional Access Certificate stored in said source device to establish validity of said 
access card to said source device, comprising said at least one content encryption key 
encrypted with said public encryption key. 
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